Connecting to Hotel WiFi. Noob security Q.

Well, I'm away on a job where I had to bring my MacBook. So, for the first time I am right now connected to the hotel's WiFi.

My question is about security. I have no idea who or what or where is my computer able to be seen by others? How secure is the info on my laptop? Or am I worried about nothing?
I mean, I have WPA2 on my home wireless as well as OSX's security and stealth mode.

First, I rely on my Apple firewall, whether home or traveling I go anywhere I want to. So far no problem.

Second, whenever I'm away from home, I never conduct transactions over someone else's network. Whoever I may be connecting to probably has adequate security. But, the big but, is what happens to my information when it leaves my MacBook Pro, and before it arrives at the site I'm going to.

There's the folks who provide the connection to the hotel, and where else does it travel to before its destination?

Thanks..yes, I have my firewall on and stealth mode. The only thing I ever checked off to pass was allow my iTunes on the airport at home.

I understand, I wouldn't do any transactions on anyone else's network. But, say I come here. I have my password (not that my forums passwords are a big deal) in the keychain. So if I go to a forum I'm subscribed to or one of my mail accounts, I'm automatically logged in. Are those passwords, and all the others in the keychain, in any jeopardy?
Thanks

When I travel, I use a VPN. VPNs used to be horribly difficult to configure and get operational. But now there are companies offering VPN service. I use http://www.hotspotvpn.com/
Their website certainly doesn't look like much, but they offer a good service ($8-14/month, depending on how much security you want), and well worth it, if you use WiFi a lot. They also have plans for just a few days, if you travel infrequently.

WPA2 is great for keeping your signal from prying eyes, but once other people are also on your network (Starbucks, hotels, airports, park benches in enlightened neighborhoods), you need protection for your communications with those banking websites!

Thanks..
I am just doing this once a year big job that I need to travel. I'm just doing internet surfing, not any banking, credit card, eBay or PayPal or anything like that.

What is being secured here? The info that is transmitted by the computer?
This is confusing. I understand how if someone from the outside supposedly can't read what's on my computer because of a firewall, but once my keystrokes get transmitted to the network and out onto the net..it's out there.....unless OSX encrypts the outgoing transmissions (I haven't a clue)

I guess this is beyond the scope of my original concern. That is, as long as I'm just surfing, I should be ok? But I shouldn't (and I wouldn't) be buying stuff and typing in my credit card numbers or go to my bank and type in my pass.

BUT....if I were to go to, say, my bank's website, my pass would be in the keychain and automatically log me in. So is that dangerous? Or is that a different situation?

WPA encrypts the radio transmission only between your machine and the WiFi router. Once it exits the router and enters the establishment's ethernet network, it is in the clear, and someone could sniff the packets on that network if they had access. Anything you enter or receive in your browser or transmit as emails theoretically could be seen, unless you were on a secure socket layer page.

If you are on a web page that uses secure socket layer (HTTPS), then the communication of text between your browser and the web server is theoretically secure.

However, a nasty little trick that has been played on public WiFi connections is to hijack the DNS servers for that connection, and redirect certain addresses to spoof sites.

Remember, anyone who controls a router (or a WiFi connection) can direct normal domain requests to any DNS server they wish. What thieves can do is to build a bogus DNS table that directs say Bank of America . com which would normally be 123.456.789.123 to 234.567.890.123 which is Phishing4Fun . hackers . com -- then they put a simulated BofA login page on the phishing website -complete with https - thus capturing your login.

This trick has been done by people on laptops who broadcast an 'open' WiFi at likely locations such as cafes -- people who use that 'public' connection then are funneled through the thief's laptop instead of the cafe's connection.

Now, whether someone can read what is on your computer or not depends entirely on what services you have open -- if you have file sharing and printer sharing and windows file sharing etc turned on, then they can see whatever you have allowed them to see.

They would not normally have access to your keychain.

So turn off all services to the outside world, and turn on your firewall.
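
The advice above to turn off services reachable from outside can be checked by listing which TCP listeners are bound to something other than loopback. The following is an added example, not part of the original thread: it filters the output of `lsof -nP -iTCP -sTCP:LISTEN`, and the sample lines and the function names `exposed_listeners` and `sample_lsof` are constructed for illustration.

```sh
#!/bin/sh
# Added example: report TCP listeners that other hosts on the network can reach.
# Input on stdin: output of `lsof -nP -iTCP -sTCP:LISTEN`.
# Output: "command port service", one line per exposed listener, de-duplicated.
# Real use on the laptop: lsof -nP -iTCP -sTCP:LISTEN | exposed_listeners
exposed_listeners() {
    awk '
        BEGIN {
            # Well-known ports behind the sharing options named in the thread.
            svc[22]   = "remote login (SSH)"
            svc[445]  = "Windows file sharing (SMB)"
            svc[548]  = "file sharing (AFP)"
            svc[631]  = "printer sharing (IPP)"
            svc[3689] = "iTunes sharing (DAAP)"
        }
        NR == 1 && $1 == "COMMAND" { next }      # skip the header row
        $NF != "(LISTEN)"          { next }      # keep listening sockets only
        {
            name = $(NF - 1)                     # *:548, 127.0.0.1:631, [::1]:631
            port = name
            sub(/^.*:/, "", port)                # text after the last colon
            addr = substr(name, 1, length(name) - length(port) - 1)
            # Loopback-only listeners are not reachable from the hotel network.
            if (addr ~ /^127\./ || addr == "[::1]") next
            key = $1 " " port
            if (key in seen) next                # IPv4 and IPv6 rows collapse
            seen[key] = 1
            label = (port in svc) ? svc[port] : "unknown service"
            print key " " label
        }
    '
}

# Constructed sample input (not captured from a real machine).
sample_lsof() {
    cat <<'EOF'
COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
launchd     1 root   21u  IPv4   0x01      0t0  TCP *:548 (LISTEN)
launchd     1 root   22u  IPv6   0x02      0t0  TCP *:548 (LISTEN)
cupsd      88 root    6u  IPv6   0x03      0t0  TCP [::1]:631 (LISTEN)
cupsd      88 root    7u  IPv4   0x04      0t0  TCP 127.0.0.1:631 (LISTEN)
smbd      140 root    5u  IPv4   0x05      0t0  TCP *:445 (LISTEN)
iTunes    302 user   30u  IPv4   0x06      0t0  TCP 192.168.1.20:3689 (LISTEN)
EOF
}

sample_lsof | exposed_listeners
```

An empty result means nothing is listening on an address other machines on the same network can connect to; each line that does appear corresponds to a sharing service to switch off before joining a public network.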
